If you hold money in a payments app or e-wallet, whether that is Revolut, Wise, Monzo’s e-money product, PayPal, Klarna’s wallet, or one of the smaller specialist providers, the rules about how that money is supposed to be looked after just got stricter. The Financial Conduct Authority’s new safeguarding regime under Policy Statement PS25/12 came into force on 7 May 2026 and covers around £27 billion of consumer funds held by authorised payment institutions and e-money firms across the UK.
Here is what the new rules require, why they were introduced, what protection you actually have if your e-money provider fails, and how it compares with a bank account, all in plain English.
The short version
- FCA Policy Statement PS25/12 came into force on 7 May 2026, introducing a strengthened safeguarding regime for payment institutions (PIs) and e-money institutions (EMIs).
- Firms must now:
- Conduct daily internal and external reconciliations of client funds.
- File monthly regulatory returns confirming the safeguarding position.
- Commission annual independent audits (firms holding less than £100,000 in relevant funds are exempt).
- Hold resolution packs enabling swift fund return on failure.
- The rules apply to around 250 authorised payment and e-money firms covering ~£27 billion of consumer funds.
- Customer funds in a payments app or e-wallet are NOT covered by the Financial Services Compensation Scheme (FSCS) in the way a bank account is. The protection is instead “safeguarding”: the firm has to hold your money in a separate trust account, available for return if the firm fails.
- The new regime tightens this safeguarding, but the fundamental difference from a bank deposit account remains: payments apps are not banks.
Why the regime was strengthened
For most of their commercial life, payment institutions and e-money firms have operated under a “safeguarding” regime introduced by the Payment Services Regulations 2017 and the Electronic Money Regulations 2011. The headline rule is straightforward: customer funds must be kept separate from the firm’s own money, either by holding them in a designated client-funds bank account or by investing them in liquid low-risk assets (with a similar legal segregation).
The original regime worked in principle but exposed weaknesses in practice. Several high-profile failures of payment firms in recent years showed that safeguarding records can become out of sync with reality, reconciliations can lag, and resolution of customer claims can take months or years rather than days. The FCA’s response, after consultation through 2024 and 2025, is PS25/12: a tighter, more prescriptive regime designed to make safeguarding work the way it was always supposed to.
What the new rules require, in detail
Daily reconciliations
Firms must reconcile their internal records of customer balances against the actual balances held in safeguarding accounts every business day. Two reconciliations are required: an “internal” one (matching the firm’s customer-facing ledger to the firm’s own safeguarding ledger) and an “external” one (matching the firm’s safeguarding ledger to the bank or custodian holding the safeguarded funds).
If the reconciliation reveals a shortfall, the firm must top up the safeguarding account from its own funds the next business day. If it reveals an excess, the firm must release the excess to its own operating account.
Monthly regulatory returns
Firms must submit a monthly safeguarding return to the FCA confirming:
- The total amount of relevant customer funds.
- The amount held in safeguarding accounts.
- The location of those accounts (the bank or custodian).
- Any breaches or near-breaches during the month and how they were corrected.
This gives the FCA much more visibility than the previous annual reporting cycle, particularly for firms with growing customer balances.
Annual independent audits
Firms must commission an annual independent audit of their safeguarding arrangements by a qualified auditor (typically an accountant from a regulated firm). The audit report is submitted to the FCA. Firms holding less than £100,000 of relevant funds are exempt from the annual audit requirement, recognising that very small firms cannot reasonably bear the cost.
Resolution packs
Firms must prepare and maintain a “resolution pack” that documents the operational details an insolvency practitioner would need to return customer funds quickly in the event of firm failure. This includes:
- The customer ledger and how to access it.
- The contact details of the safeguarding bank or custodian.
- The processes for verifying customer identity and claim amounts.
- The IT systems and access credentials required to query customer balances.
The intent is that if a payment institution fails, the appointed insolvency practitioner should be able to start returning funds to customers within days or weeks, not months.
Why this is not the same as bank deposit protection
The crucial point to understand: even with the strengthened safeguarding regime, money in a payments app or e-wallet is not protected in the same way as money in a UK bank account.
Bank deposit protection (FSCS)
UK banks and building societies are authorised by the Prudential Regulation Authority (PRA) and the FCA. Deposits in those institutions are protected by the Financial Services Compensation Scheme (FSCS) up to £85,000 per person per banking licence. If your bank fails, you typically get your money back within seven working days.
FSCS protection is paid from a statutory levy on the financial services industry, not from the failed bank’s own assets. So even if the failed bank has no money left, FSCS covers you up to the limit.
E-money and payments safeguarding
Payment institutions and e-money institutions are authorised under different regulations. Customer funds are not “deposits” in the legal sense; they are amounts held for the customer’s benefit. The protection works differently:
- The firm has to keep your money in a segregated client-funds account.
- If the firm fails, that segregated account is not part of the firm’s assets and cannot be claimed by the firm’s creditors.
- An insolvency practitioner returns customer funds from the safeguarded account.
- FSCS does NOT provide a top-up if the safeguarded account is short.
In practice this means: if everything is in order, you should get your money back. If the firm’s safeguarding has failed (incomplete reconciliation, accounting errors, fraud), you may face a shortfall with no FSCS backstop. The new PS25/12 regime tightens the safeguarding to reduce the failure risk; it does not change the absence of FSCS coverage.
Which firms are affected
PS25/12 applies to FCA-authorised payment institutions and e-money institutions. The major consumer-facing names include:
- Revolut Ltd: operates under e-money authorisation in the UK while its banking licence application proceeds.
- Wise Payments Limited: UK e-money institution.
- PayPal (Europe) S.à r.l. & Cie: operates in the UK through its e-money product.
- Starling Bank (some products), Monzo (some products), and other neobanks operate certain e-money services alongside their banking deposits. The banking deposits are FSCS-protected; the e-money services are safeguarded under PS25/12.
- Klarna’s wallet feature: e-money wallet alongside the BNPL product.
- Smaller specialist firms covering currency exchange, business payments, and crypto on-ramps.
The key question for any individual provider is whether your specific money is held under their banking licence (FSCS) or their e-money authorisation (safeguarded). For mixed neobanks this can be confusing; the firm’s own terms and conditions will specify which protection applies to which product.
What it means in practice for users
Day to day, you should not notice anything
The new regime is a back-office change. Your daily experience of the app does not change. You log in, send money, receive payments, all as before.
Provider failures should be resolved faster
The biggest user-facing benefit, if a firm does fail, is that the insolvency process should return your money to you faster. Resolution packs and daily reconciliations make it possible for an insolvency practitioner to start processing claims within days rather than starting from scratch.
Provider failures should be less likely
Strict reconciliation and audit requirements catch problems earlier. Firms with slipping safeguarding processes are flagged to the FCA in their monthly returns; the FCA can intervene before the problem becomes a crisis.
The “is it a bank?” question still matters
If you hold significant amounts of money (say, more than a few thousand pounds) in a payments app or e-wallet for extended periods, it is still worth understanding whether the holder is operating under a banking licence (FSCS-protected) or as a payment / e-money institution (safeguarded only). For larger sums, a bank account, building society account, or NS&I product offers a different and arguably stronger protection profile.
Practical questions to ask your provider
If you are not sure how your money is protected with a particular provider:
- Look in the app’s “Help” or “Legal” section for a “How your money is protected” or “Safeguarding” page.
- Look for either “FSCS protected up to £85,000” or “safeguarded under the Electronic Money Regulations 2011 / Payment Services Regulations 2017”.
- If you have multiple products with one provider (a current account, a savings pot, a foreign currency wallet), each may have a different protection mechanism. Read carefully.
- If you cannot find a clear answer, ask customer support directly. A regulated firm should be able to answer “is my balance FSCS-protected or safeguarded?” without difficulty.
FAQ
Does the new regime cover crypto?
Crypto-asset custody is a separate regulatory area. The Financial Conduct Authority does not currently authorise crypto custody as a general activity in the way it authorises e-money and payments. Some crypto firms in the UK operate under e-money authorisation for their fiat balances; PS25/12 covers those fiat balances but not the underlying crypto holdings. For crypto specifically, your protection depends on the firm’s own arrangements and is generally weaker than for traditional financial products.
What if my payment provider is in another country?
The PS25/12 rules apply to firms authorised by the UK FCA. Many large international payment firms have specific UK authorised entities (PayPal Europe, Stripe Payments UK, Revolut Ltd) and the UK customer relationship is with those entities. If you are using a non-UK provider directly, your protection depends on that country’s regime.
Is my BNPL wallet covered?
BNPL providers that hold e-money balances (a “wallet” inside the app) are covered by PS25/12 for those e-money balances. The credit side of BNPL (your repayment plans) is a separate matter regulated under the new BNPL rules from 15 July 2026 (see our BNPL regulation guide).
What happened to customers of payment firms that have failed in the past?
Outcomes have varied. In some cases customers got most or all of their money back, often after considerable delay. In other cases, particularly where the failed firm’s safeguarding records had gaps, customers received less than 100% of their balances. The new regime is designed specifically to make such shortfalls less likely.
Should I close my payments app and move to a bank?
This depends on what you use the app for and how much you hold in it. For small balances used for day-to-day spending and transfers, e-money apps remain convenient and the safeguarding regime provides reasonable protection. For larger holdings or money you cannot afford to wait weeks to access, a bank account with FSCS protection is a different protection profile worth considering. This is general information, not personal advice; your own circumstances will determine what is right for you.
Does the regime apply to gift cards and prepaid cards?
Prepaid cards issued by e-money institutions are covered. Closed-loop gift cards (those usable only at one retailer) are typically not regulated as e-money and fall outside the regime; instead they sit under consumer law and the retailer’s own commercial arrangements.
Where to go from here
- FCA Policy Statement PS25/12: fca.org.uk – PS25/12
- FSCS coverage checker (for bank deposits): fscs.org.uk/check
- FCA register (to check authorisation status): register.fca.org.uk
- Related Savvy Investor guide: Buy Now Pay Later: what changes for shoppers from July 2026
This article explains the FCA’s new safeguarding regime for payment and e-money firms as of 13 May 2026. It is general information, not personal financial advice. Your specific protection depends on which firm holds your funds and under which authorisation; the firm’s own terms and conditions are the authoritative source.
Leave a Reply
You must be logged in to post a comment.